CVE-2004-0971 | libgssapi-krb5-2 (CWE-1035)

A low severity vulnerability has been discovered in your project.

Project Name: IssueTest

Scanner Name: trivy

Cwe ID: 1035

Cwe Name: Using Components with Known Vulnerabilities

Cwe Link: https://cwe.mitre.org/data/definitions/1035.html

CVE ID: CVE-2004-0971

Target: nginx:latest (debian 11.3)

Packages:

libgssapi-krb5-2 : 1.18.3-6+deb11u1 - Fixed Version:

References:

Kondukto Remediation

1: testremed 2: test 3: Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed Random remed

Tool Description: The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Custom Description: NEW ENDPOINT TEST

endpointlabs / VulnerableDotNetCore3Project

CVE-2004-0971 | libgssapi-krb5-2 (CWE-1035) #23